There is no way to call an ejb secured by the same security domain as the login module short of writing a new SecurityInterceptor that looks to a run-as role or other token before deciding to do authentication. It does not make sense for this relationship to exist in my view as there is no differentiation between callers of an ejb. A login module has no special role to do so unless a seperate security domain or interceptor is used to provide this.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3930832#3930832 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3930832 ------------------------------------------------------- This SF.Net email is sponsored by xPML, a groundbreaking scripting language that extends applications into web and mobile media. Attend the live webcast and join the prime developer group breaking into this new coding territory! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=110944&bid=241720&dat=121642 _______________________________________________ JBoss-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jboss-user
